Risk analysis predicts likelihood of disasters, such as severe failures of an Information Technology (“IT”) infrastructure, that an organization may face, and the consequences of such failures. IT disasters, such as an e-mail server failure or other computer network failure, can impact the organization's ability to operate efficiently.
Known cindynic theory (science of danger) is applicable in different domains. For example, cindynics has been used to detect industrial risks and can also be used in the area of computer network (including computer hardware and software) risks. According to the modern theory of description, a hazardous situation (cindynic situation) has been defined if the field of the “hazards study” is clearly identified by limits in time (life span), limits in space (boundaries), and limits in the participants' networks involved and by the perspective of the observer studying the system. At this stage of the known development of the sciences of hazards, the perspective can follow five main dimensions.
A first dimension comprises memory, history and statistics (a space of statistics). The first dimension consists of all the information contained in databases of large institutions constituting feedback from experience (for example, electricity of France power plants, Air France flights incidents, forest fires monitored by the Sophia Antipolis center of the Ecole des Mines de Paris, and claims data gathered by insurers and reinsurers).
A second dimension comprises representations and models drawn from the facts (a space of models). The second dimension is the scientific body of knowledge that allows computation of possible effects using physical principles, chemical principles, material resistance, propagation, contagion, explosion and geo-cindynic principles (for example, inundation, volcanic eruptions, earthquakes, landslides, tornadoes and hurricanes).
A third dimension comprises goals & objectives (a space of goals). The third dimension requires a precise definition by all the participants and networks involved in the cindynic situation of their reasons for living, acting and working. It is arduous to clearly express why participants act as they do and what motivates them. For example, there are two common objectives for risk management—“survival” and “continuity of customer (public) service”. These two objectives lead to fundamentally different cindynic attitudes. The organization, or its environment, will have to harmonize these two conflicting goals.
A fourth dimension comprises norms, laws, rules, standards, deontology, compulsory or voluntary, controls, etc. (a space of rules). The fourth dimension comprises all the normative set of rules that makes life possible in a given society. For example, socient determined a need for a traffic code when there were enough automobiles to make it impossible to rely on courtesy of each individual driver; the code is compulsory and makes driving on the road reasonably safe and predictable. The rules for behaving in society are aimed at reducing the risk of injuring other people and establishing a society. On the other hand, there are situations, in which the codification is not yet clarified. For example, skiers on the same ski-slope may have different skiing techniques and endanger each other. In addition, some skiers use equipment not necessarily compatible with the safety of others (cross country sky and mono-ski, etc.)
A fifth dimension comprises value systems (a space of values). The fifth dimension is the set of fundamental objectives and values shared by a group of individuals or other collective participants involved in a cindynic situation. For example, protection of a nation from an invader was a fundamental objective and value, and meant protection of the physical resources as well as the shared heritage or values. Protection of such values may lead the population to accept heavy sacrifices.
A number of general principles, called axioms, have been developed within cindynics. The cindynic axioms explain the emergence of dissonances and deficits.
CINDYNIC AXIOM 1—RELATIVITY: The perception of danger varies according to each participant's situation. Therefore, there is no “objective” measure of danger. This principle is the basis for the concept of situation.
CINDYNIC AXIOM 2—CONVENTION: The measures of risk (traditionally measured by the vector Frequency—Severity) depend on convention between participants.
CINDYNIC AXIOM 3—GOALS DEPENDENCY: Goals can directly impact the assessment of risks. The participants may have conflicting perceived objectives. It is essential to try to define and prioritise the goals of the various participants involved in the situation. Insufficient clarification of goals is a current pitfall in complex systems.
CINDYNIC AXIOM 4—AMBIGUITY: There is usually a lack of clarity in the five dimensions previously mentioned. A major task of prevention is to reduce these ambiguities.
CINDYNIC AXIOM 5—AMBIGUITY REDUCTION: Accidents and catastrophes are accompanied by brutal transformations in the five dimensions. The reduction of ambiguity (or contradictions) of the content of the five dimensions will happen when they are excessive. This reduction can be involuntary and brutal, resulting in an accident, or voluntary and progressive achieved through a prevention process.
CINDYNIC AXIOM 6—CRISIS: A crisis results from a tear in the social cloth. This means a dysfunction in the networks of the participants involved in a given situation. Crisis management may comprises an emergency reconstitution of networks.
CINDYNIC AXIOM 7—AGO-ANTAGONISTIC CONFLICT: Any therapy is inherently dangerous. Human actions and medications are accompanied by inherent dangers. There is always a curing aspect, reducing danger (cindynolitic), and an aggravating factor, creating new danger (cindynogenetic).
The main utility of these principles is to reduce time lost in unproductive discussions on the following subjects:                How accurate are the quantitative evaluations of catastrophes—Quantitative measures result from conventions, scales or unit of measures (axiom 2); and        Negative effects of proposed prevention measures—In any action positive and negative impacts are intertwined (axiom 7).        
Consequently, Risk Analysis, viewed by the cindynic theory, takes into account the frequency that the disaster appears (probability), and its real impact on the participant or organization (damage).
FIG. 1 shows a known “Farmer's” curve 9 where disasters are placed on a graph showing the relationship between probability and damage.
Disaster study is a part of Risk Analysis; its aim is to follow the disaster evolution. Damages are rated in term of cost or rate, with time. Let “d” denote the damage of a given disaster and “f” denote the frequency of such a disaster. From a quantitative point of view, it is common to define a rating “R” of the associated risk as: R=d×f. In practice, often, the perception of risk is such that the relevance given to the damaging consequences “d” is far greater than that given to its probability of occurrence f so that, the given “R=d×f” is slightly modified to: R=dk×f with k>1. So, numerically larger values of risk are associated with larger consequences.
Disasters are normally identified by IT infrastructure components. These components follow rules or parameters and may generate log traces. Typically, disaster information is represented in the form of log files. The disaster rating and scale are relative rather than absolute. The scale may be, for example, values between “1” and “10”: “1” being a minor disaster of minimal impact to the disaster data group and “10” being a major disaster having widespread impact. The logging function depends of the needs of monitoring systems and data volumes and, in some cases, delay due to legal obligations.
The known Risk Analysis uses a simple comparison between values found by the foregoing operations, in order to extract statistics. Also, a full Risk Analysis of a IT infrastructure required a one to one analysis of all the data held on disasters. By comparing each disaster with each of the other disaster it was possible to calculate the likelihood of further disasters. This process is computationally expensive and also requires a significant amount of a computer's Random Access Memory (RAM).
An object of the present invention is to estimate risk of disaster of an infrastructure.
Another object of the present invention is to facilitate estimation of risk of disaster of an infrastructure.